我已经使用oledb提供程序(SQLOLEDB和SQL Native OLEDB提供程序)创建了一个示例应用程序。
案例1:提供者= SQLOLEDB
hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED);
hr = cADOConnection.CreateInstance(__uuidof(Connection));
CString con_string = "provider=SQLOLEDB;server=MYPC;Database=MyDB";
CString SSlcon_string = "provider=SQLOLEDB;Encrypt=true;TrustServerCertificate=true;server=MYPC;Database=MyDB";
CString userName = "sa";
CString Password = "sa";
BSTR bsConnection = /*con_string*/SSlcon_string.AllocSysString();
BSTR uName = userName.AllocSysString();
BSTR uPassword = Password.AllocSysString();
hr = cADOConnection->Open(bsConnection, uName, uPassword, adConnectUnspecified);
printf("connection has been established");
VARIANT vaNoRecords;
memset(&vaNoRecords, 0, sizeof vaNoRecords);
CString sql = "SELECT * FROM salary";
BSTR query = sql.AllocSysString();
_RecordsetPtr rs;
rs = cADOConnection->Execute(query, &vaNoRecords, adCmdText);
printf("connection has been established\n");
结果:如果在服务器计算机上安装了证书,则无论启用哪个连接都是安全的 连接字符串中的Encrypt = true和TrustServerCertificate = true。
案例2:Provider = SQLNCLI10.1(SQL本机客户端oledb提供程序)
HRESULT hr;
hr = ::CoInitializeEx(NULL, COINIT_MULTITHREADED);
hr = cADOConnection.CreateInstance(__uuidof(Connection));
CString con_string = "provider=SQLNCLI10.1;server=MYPC;Database=MyDB";
CString SSlcon_string = "provider=SQLOLEDB;Encrypt=true;TrustServerCertificate=true;server=MYPC;Database=MyDB";
CString userName = "sa";
CString Password = "sa";
BSTR bsConnection = con_string/*SSlcon_string*/.AllocSysString();
BSTR uName = userName.AllocSysString();
BSTR uPassword = Password.AllocSysString();
hr = cADOConnection->Open(bsConnection, uName, uPassword, adConnectUnspecified);
printf("connection has been established");
VARIANT vaNoRecords;
memset(&vaNoRecords, 0, sizeof vaNoRecords);
CString sql = "SELECT suppliernumber, name1 FROM zrs_supplier";
BSTR query = sql.AllocSysString();
_RecordsetPtr rs;
rs = cADOConnection->Execute(query, &vaNoRecords, adCmdText);
printf("connection has been established\n");
结果:如果在服务器计算机上安装了证书,则无论启用哪个连接都是安全的 连接字符串中的Encrypt = true和TrustServerCertificate = true。结果与上面相同。
在这两种情况下我都有同样的行为。我在这里遗漏了什么? 任何建议将不胜感激? Original question
答案 0 :(得分:0)
用
替换连接字符串CString SSlcon_string = "provider=SQLOLEDB;Use Encryption for Data=True;server=MYPC;Database=MyDB";
其余步骤将相同。在客户端计算机上安装相同的证书(存在于服务器上)" 被盗的根证书颁发机构"文件夹中。
如果服务器和客户端都具有相同的证书,那么将建立连接(SSL连接),否则将失败。